From 0efdad4d69e9abdf9778ed3f7227cc78babce34d Mon Sep 17 00:00:00 2001
From: Andreas Fackler <AndreasFackler@gmx.de>
Date: Wed, 26 Sep 2018 14:07:12 +0200
Subject: [PATCH] Prepare for adding mock cryptography for testing.

* Add a feature flag (that doesn't do anything yet).
* Give `clear_fr` a stronger type to prevent mistakes and ensure the
  right amount of memory gets cleared.
* Re-export the engine and related types from `lib.rs`.
---
 .travis.yml      |  1 +
 Cargo.toml       |  3 +++
 benches/bench.rs |  2 +-
 src/lib.rs       | 19 ++++++++++---------
 src/poly.rs      | 12 +++++-------
 src/secret.rs    |  6 +++---
 6 files changed, 23 insertions(+), 20 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index 6a025f6..45a9a52 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -19,6 +19,7 @@ env:
 script:
   - cargo clippy --tests --examples --benches -- --deny clippy
   - cargo fmt -- --check
+  - cargo test --release
   - cargo test --all-features --release
   - cargo doc
   - cargo deadlinks --dir target/doc/threshold_crypto/
diff --git a/Cargo.toml b/Cargo.toml
index 635714d..7cac914 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -39,3 +39,6 @@ serde_derive = "1.0.55"
 [[bench]]
 name = "bench"
 harness = false
+
+[features]
+use-insecure-test-only-mock-crypto = []
diff --git a/benches/bench.rs b/benches/bench.rs
index 7420509..0929a59 100644
--- a/benches/bench.rs
+++ b/benches/bench.rs
@@ -5,8 +5,8 @@ extern crate rand;
 extern crate threshold_crypto;
 
 use criterion::Criterion;
-use pairing::bls12_381::Fr;
 use threshold_crypto::poly::Poly;
+use threshold_crypto::Fr;
 
 const TEST_DEGREES: [usize; 4] = [5, 10, 20, 40];
 const TEST_THRESHOLDS: [usize; 4] = [5, 10, 20, 40];
diff --git a/src/lib.rs b/src/lib.rs
index 05ba9ed..c24eb94 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -35,15 +35,16 @@ use std::ptr::copy_nonoverlapping;
 
 use byteorder::{BigEndian, ByteOrder};
 use init_with::InitWith;
-use memsec::{memzero, mlock, munlock};
 
-use pairing::bls12_381::Bls12 as PEngine;
-type Fq = pairing::bls12_381::Fq;
-type Fr = pairing::bls12_381::Fr;
-type G1 = pairing::bls12_381::G1;
-type G1Affine = pairing::bls12_381::G1Affine;
-type G2 = pairing::bls12_381::G2;
-type G2Affine = pairing::bls12_381::G2Affine;
+// #[cfg(not(feature = "use-insecure-test-only-mock-crypto"))]
+pub use pairing::bls12_381::{Bls12 as PEngine, Fr, G1Affine, G2Affine, G1, G2};
+
+// TODO: Add mock cryptography for tests.
+// #[cfg(feature = "use-insecure-test-only-mock-crypto")]
+// pub use pairing::mock::{
+//     Mersenne8 as Fr, Mocktography as PEngine, Ms8Affine as G1Affine, Ms8Affine as G2Affine,
+//     Ms8Projective as G1, Ms8Projective as G2,
+// };
 
 use pairing::{CurveAffine, CurveProjective, Engine, Field};
 use rand::{ChaChaRng, OsRng, Rand, Rng, SeedableRng};
@@ -341,7 +342,7 @@ impl SecretKey {
         unsafe {
             copy_nonoverlapping(fr_ptr, &mut *boxed_fr as *mut Fr, 1);
         }
-        clear_fr(fr_ptr as *mut u8);
+        clear_fr(fr_ptr);
         let sk = SecretKey(boxed_fr);
         sk.mlock_secret()?;
         Ok(sk)
diff --git a/src/poly.rs b/src/poly.rs
index 2c8758c..2c62afb 100644
--- a/src/poly.rs
+++ b/src/poly.rs
@@ -23,8 +23,6 @@ use std::mem::size_of_val;
 use std::{cmp, iter, ops};
 
 use super::{Fr, G1Affine, G1};
-use errno::errno;
-use memsec::{memzero, mlock, munlock};
 use pairing::{CurveAffine, CurveProjective, Field};
 use rand::Rng;
 
@@ -78,7 +76,7 @@ impl<B: Borrow<Poly>> ops::AddAssign<B> for Poly {
             }
         }
         for (self_c, rhs_c) in self.coeff.iter_mut().zip(&rhs.borrow().coeff) {
-            self_c.add_assign(rhs_c);
+            Field::add_assign(self_c, rhs_c);
         }
         self.remove_zeros();
     }
@@ -146,7 +144,7 @@ impl<B: Borrow<Poly>> ops::SubAssign<B> for Poly {
             }
         }
         for (self_c, rhs_c) in self.coeff.iter_mut().zip(&rhs.borrow().coeff) {
-            self_c.sub_assign(rhs_c);
+            Field::sub_assign(self_c, rhs_c);
         }
         self.remove_zeros();
     }
@@ -237,7 +235,7 @@ impl ops::MulAssign<Fr> for Poly {
             self.coeff.clear();
         } else {
             for c in &mut self.coeff {
-                c.mul_assign(&rhs);
+                Field::mul_assign(c, &rhs);
             }
         }
     }
@@ -415,7 +413,7 @@ impl Poly {
         // We create a raw pointer to the field element within this method's stack frame so we can
         // overwrite that portion of memory with zeros once we have copied the element onto the
         // heap as part of the vector of polynomial coefficients.
-        let fr_ptr = &c as *const Fr as *mut u8;
+        let fr_ptr = &c as *const Fr;
         let poly = Poly::try_from(vec![c])
             .unwrap_or_else(|e| panic!("Failed to create constant `Poly`: {}", e));
         clear_fr(fr_ptr);
@@ -433,7 +431,7 @@ impl Poly {
         // We create a raw pointer to the field element within this method's stack frame so we can
         // overwrite that portion of memory with zeros once we have copied the element onto the
         // heap as part of polynomials `coeff` vector.
-        let fr_ptr = &c as *const Fr as *mut u8;
+        let fr_ptr = &c as *const Fr;
         let res = Poly::try_from(vec![c]);
         clear_fr(fr_ptr);
         res
diff --git a/src/secret.rs b/src/secret.rs
index c68c776..183584d 100644
--- a/src/secret.rs
+++ b/src/secret.rs
@@ -7,7 +7,7 @@ use std::ops::{Deref, DerefMut};
 
 use errno::errno;
 use memsec::{memzero, mlock, munlock};
-use pairing::bls12_381::Fr;
+use Fr;
 
 use error::{Error, Result};
 
@@ -32,8 +32,8 @@ lazy_static! {
 }
 
 /// Overwrites a single field element with zeros.
-pub(crate) fn clear_fr(fr_ptr: *mut u8) {
-    unsafe { memzero(fr_ptr, *FR_SIZE) };
+pub(crate) fn clear_fr(fr_ptr: *const Fr) {
+    unsafe { memzero(fr_ptr as *mut u8, *FR_SIZE) };
 }
 
 pub(crate) struct MemRange {